Posts tagged: mta-sts
NIS2 Email Security: Article 21 → DMARC, MTA-STS, DANE
NIS2 compliance: map Article 21(2) to email auth — DMARC, SPF, MTA-STS, DANE, TLS-RPT. The control map, copy-paste DNS checks, and a 2026 readiness plan.
MTA-STS Example: Working Policy File & DNS Record [2026]
Copy-paste a working MTA-STS DNS record and .well-known policy file. RFC 8461 examples for Google Workspace, Microsoft 365, Postfix, plus mode progression and validators.
TLS-RPT Reports: SMTP TLS Reporting Explained (RFC 8460)
TLS-RPT reports tell you when SMTP TLS fails between mail servers. See an annotated RFC 8460 JSON example, every result type, and how to set it up.
DANE Email Authentication: Why 0.0% of Domains Use It
DANE binds TLS certificates to DNS via DNSSEC — but only 30 of 5.5M scanned domains use it. Inside RFC 7672, TLSA records, NIS2, and DANE vs MTA-STS.